<?php

/*
 * File: bank-execute.php
 * Descrizione: Pagina della banca
*/

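// Start a new session or resume the one already created
session_start();

// Load the required files
include('inc/config.inc.php');
include('inc/template.inc.php');
include('inc/db.inc.php');
include('inc/check.inc.php');

// NOTE(review): this script moves money on a plain POST and verifies no
// anti-CSRF token itself. Presumably inc/check.inc.php enforces that the
// visitor is logged in; confirm that, and whether a token check exists at all.

// The acting user is taken from the session, never from the request.
// NOTE(review): $user_id is interpolated into the SQL below. It is assumed to
// be a value the login code stored itself; confirm it can never carry
// request-supplied text, or move these queries to prepared statements.
$user_id	= $_SESSION['uid'];
$user_name	= $_SESSION['unm'];

// Request parameters are forced to integers before any use: the amount is
// placed unquoted into UPDATE statements, so a raw string must never reach
// them. Arrays and other non-scalars are treated as "not supplied".
$action		= (isset($_POST['action']) && is_scalar($_POST['action'])) ? (int) $_POST['action'] : 0;
$money_num	= (isset($_POST['money_num']) && is_scalar($_POST['money_num'])) ? (int) $_POST['money_num'] : 0;

if ($r1 = $db -> query("SELECT * FROM bank WHERE user_id = '$user_id'"))
{
	$rd1 = $r1 -> fetch_assoc();

	// $rd1 is not an array when no bank row came back for this user
	$has_account = is_array($rd1);
	$abalance = $has_account ? $rd1['account_balance'] : 0;
	$account_id = $has_account ? $rd1['account_id'] : null;

	// NOTE(review): every case checks a balance in PHP and then issues
	// separate UPDATEs, with no transaction or row lock visible in this file.
	// Two concurrent requests could pass the same check, and a failure
	// between the paired UPDATEs leaves wallet and account out of step.
	// Consider one transaction with conditional UPDATEs.
	switch ($action)
	{
		case 1: // Open an account (minimum opening amount: 50)
			// NOTE(review): nothing here stops a user who already has a bank
			// row from opening another; confirm a unique key on bank.user_id
			// or the calling page prevents it.
			if ($r2 = $db -> query("SELECT user_money FROM users WHERE user_id = '$user_id'"))
			{
				$rd2 = $r2 -> fetch_assoc();
				$wallet = is_array($rd2) ? $rd2['user_money'] : 0;

				if ($money_num < 50)
				{
					header('location: bank.php?mod=4');
				}
				elseif ($money_num > $wallet)
				{
					header('location: bank.php?mod=5');
				}
				else
				{
					$db -> query("UPDATE users SET user_money = user_money - $money_num WHERE user_id = '$user_id'");

					// NOTE(review): account_id is sent as the string 'NULL',
					// not SQL NULL; presumably the column auto-increments
					// under a non-strict SQL mode. Confirm against the schema.
					$db -> query("INSERT INTO bank (account_id, user_id, account_balance)VALUES('NULL', '$user_id', '$money_num')");

					// Record the action in the log
					$assign_msg = 'Creazione conto';
					$db -> query(log_action('2', $money_num, $assign_msg, $user_id, $_SESSION['uid']));

					header('location: bank.php?mod=1');
				}
			}
		break;

		case 2: // Deposit
			// A non-positive amount would turn the deposit into an unchecked
			// withdrawal, and without an account the money would vanish.
			// mod=5 is reused as the failure code, as the other failure paths
			// do; its user-facing text lives in bank.php.
			if ( ! $has_account || $money_num <= 0)
			{
				header('location: bank.php?mod=5');
				break;
			}

			if ($r3 = $db -> query("SELECT user_money FROM users WHERE user_id = '$user_id'"))
			{
				$rd3 = $r3 -> fetch_assoc();
				$wallet = is_array($rd3) ? $rd3['user_money'] : 0;

				if ($money_num <= $wallet)
				{
					$db -> query("UPDATE users SET user_money = user_money - $money_num WHERE user_id = '$user_id'");

					$db -> query("UPDATE bank SET account_balance = account_balance + $money_num WHERE account_id = '$account_id'");

					// Record the action in the log
					$assign_msg = 'Deposito';
					$db -> query(log_action('2', $money_num, $assign_msg, $user_id, $_SESSION['uid']));

					header('location: bank.php?mod=2');
				}
				else
				{
					header('location: bank.php?mod=5');
				}
			}
		break;

		case 3: // Withdraw
			// Only a positive amount covered by the account balance is paid
			// out; a negative amount would otherwise pass the "<= balance"
			// test and debit the wallet instead.
			if ($has_account && $money_num > 0 && $money_num <= $abalance)
			{
				$db -> query("UPDATE users SET user_money = user_money + $money_num WHERE user_id = '$user_id'");

				$db -> query("UPDATE bank SET account_balance = account_balance - $money_num WHERE account_id = '$account_id'");

				// Record the action in the log
				$assign_msg = 'Ritiro';
				$db -> query(log_action('2', $money_num, $assign_msg, $user_id, $_SESSION['uid']));

				header('location: bank.php?mod=3');
			}
			else
			{
				// Rejected requests get a redirect instead of a blank page
				header('location: bank.php?mod=5');
			}
		break;
	}
}

// Close the database connection
$db -> close();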

?>